The vulnerabilities rely on the fact that the Asterisk Management Interface (AMI) reserves a space on the stack, the size of which can be specified by the attacker. If the reserved space does not fit on the stack, an overflow occurs. Brandon Edwards, one of the team which discovered the vulnerabilities, has posted a detailed description on his blog.